Container Days London
Meet us in London and see why Cloudsmith is the world’s best cloud-native artifact management platform—fully managed, built for scale, and designed to secure and streamline everything in your software supply chain.
BREAKOUT SESSION
Using OpenSSF Malicious Packages project to identify malware in running containers
While we’re trained to scan for CVEs, traditional tools often miss active malware like typosquatting or dependency confusion. This session introduces the OpenSSF Malicious Packages project to bridge this gap, offering hands-on Kubernetes security insights and code snippets you can use today. You’ll learn the critical differences between vulnerabilities and malware, how the project catalogs widespread attacks, and how to leverage its API and OSV data to automate your security checks and detect active threats in your running containers.
- Wednesday, 11th February
- 2.55 PM - 3.30 PM GMT
- Theatre 4
Breakout session
Fantastic Exploits and Where to Find Them
Stop prioritizing CVEs by CVSS score alone; it’s a losing game that leads to burnout while leaving you exposed to the risks that actually matter. This session provides a practical field guide to context-aware vulnerability management, shifting the focus from theoretical severity to realistic exploitability. By combining critical data points like EPSS, CISA KEV, and ExploitDB, you’ll move past the noise to gain actionable intelligence.
- Thursday, 12th February
- 2:40 PM - 3.15 PM GMT
- Theatre 3
ENTER TO WIN
Raspberry Pi Raffle
Stop by Cloudsmith’s booth and learn to secure your artifacts using a Raspberry Pi. Attendees who complete the activity on the Pi will receive a raffle ticket to enter to win their very own Raspberry Pi Desktop Set!
